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DETAILED ACTION 

1 . Claims 1 - 5 and 7-35 are pending in the current application. 

Response to Arguments 

2. Applicant's arguments with respect to the claims have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1 - 5, 7 - 14, 21 - 24, 29 - 31 and 33 - 35 are rejected under 35 
U.S.C. 103(a) as being unpatentable over "A Framework for Inter-ORB Request 
Level Bridge Construction" (hereinafter Steinder, cited in previous office action) 
in view of "Evaluating the Performance of Demultiplexing Strategies for Real-time 
CORBA" (hereinafter Gokhale). 

5. As to claim 1 , Steinder teaches (Mapping object references from HOP domain, p. 
10) a gateway between a first network and a second network (mapping or bridging 
mechanism resides at the boundary between domains; p. 2, Section 2), the system 
comprising: 
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interface means (lnterORB_Proxy uses standard CORBA interfaces) to receive 
from the first network a message (request from the client's ORB) intended for an object 
in the second (server's ORB) network (lnterORB_Proxy uses standard CORBA 
interfaces to translate request from the client's ORB to the server's ORB; Section 5.1 , p. 
7), the message including an identifier (foreign object reference; Section 5.2, p. 8) for a 
further object (a foreign object; section 5.2, p. 8) in either the first or second network; 

means (half-bridge) to generate further interface means (new half-bridge with 
lnterORB_Proxy inside) for receiving from the second network messages for the further 
object (half-bridge must create a new half-bridge with lnterORB_Proxy inside which 
encapsulates the reference); 

means to replace the received identifier (replace IOR in the request) with the new 
identifier (reference specific for this domain) in the message (lnterORB_Proxy object 
possesses a reference specific for this domain which replace IOR in the request); and 

means to forward the message to the object in the second network (reference 
returned in LocateReply is a final reference to be used during a call). 

Steinder also teaches (p. 9, Reference Translation; p. 10, Mapping object 
references from HOP domain) means to form a new identifier (mapped from their 
proprietary from to an Interoperable Object Reference for MOP) for the further interface 
means (lnterORB_Proxy object possesses a reference specific for this domain which 
replace IOR in the request). 

6. Steinder does not specify the new identifier including check data resulting from a 
hash operation for checking the validity of the or at least part of the new identifier. 
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However, Gokhale (pp. 4-5, Perfect Hashing) teaches an identifier (object key) 
including check data (hash function uses an automatically generated lookup table... to 
return a unique hash value for each object key) resulting from a hash operation (hash 
function) for checking the validity of the or at least part of the new identifier (perfect 
hash functions for object keys and operation names). 

7. It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of including check data in an identifier as taught by 
Gokhale to the invention of Steinder because this provides a high-performance real-time 
ORB (see abstract of Gokhale). 

8. As to claim 33, this is a method claim that corresponds to system 1 ; note the 
rejection to claim 1 above, which also meets this method claim. 

9. As to claim 2, Steinder teaches (Mapping object references from HOP domain, p. 
10) the new identifier includes information to enable subsequent recovery by the system 
of the received identifier (lnterORB_Proxy encapsulates the reference). 

10. As to claim 3, Steinder teaches (Section 5.4, p. 9) the new identifier includes a 
representation of the received identifier (opaque reference form is encapsulated in the 
object_key field). 
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11. As to claim 4, Steinder teaches (Section 5.4, p. 9) the new identifier includes an 
indication of the identity of the received identifier and the system includes means to 
associate said indication with said received identifier (fill out the ProfileBody 
structure... the opaque reference is encapsulated in the object_key field... host and port 
of this structure are assigned host name and port number of some HOP domain object 
which is able to support this reference in the case of calling it). 

12. As to claim 5, Steinder teaches (Section 5.4, p. 9) means to include in the new 
identifier a name tag (name and port number of some MOP domain object) to identify the 
interface means (host and port of this structure are assigned host name and port 
number of some HOP domain object which is able to support this reference in the case 
of calling it). 

1 3. As to claim 7, Steinder as modified teaches the check data is a result of a hash 
operation enacted on at least part of the identifier and a secret (hash function uses an 
automatically generated lookup table... to return a unique hash value for each object 
key; pp. 4-5, Perfect Hashing of Gokhale). 

14. As to claims 8 and 9, Steinder teaches (Section 5.4, p. 9) means to include in the 
new identifier an indication that the received identifier was received in a message from 
the first or second network (ProfileBody structure includes host and port). 
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15. As to claim 10, Steinder teaches (Section 5.4, p. 9) form the new identifier 
(ProfileBody structure) on the basis of the determined origin (opaque reference is 
encapsulated in the object_key field). 

1 6. As to claims 1 1 and 1 3, Steinder teaches (Eager reference mapping to HOP 
domain, p. 10) if the received identifier originated in the first network, the means to form 
the new identifier forms a new identifier including information to enable subsequent 
recovery by the system of the received identifier (IOR including host name and port 
number is sent to the half-bridge on the server's side... recipient creates a half-bridge for 
server environment... a reference of the lnterORB_Proxy inside the newly created half- 
bridge is sent to the server in the Request message). 

1 7. As to claim 1 2, Steinder teaches (Lazy reference mapping to HOP domain, p. 1 0) 
if the received identifier originated in the second network, having passed through the 
system from the second network to the first network (LocateReply will contain IOR 
which points to the lnterORB_Proxy inside the created half-bridge), the means to form 
the new identifier forms a new identifier comprising an original identifier recovered from 
information included in the received identifier (a Bridge Factory is introduced in each 
cooperating environment... its host name and port number are used to fill the 
ProfileBody field of the IOR). 
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18. As to claim 14, Steinder teaches (Section 5.1, p. 7 - 8) comprising means to 
detect a name tag (char * PeerRef) in the message. 

1 9. As to claim 21 , Steinder teaches (Section 5.1 , p. 7; Determining Foreign Object 
Reference at connection establishment stage, p. 10 - 1 1 ) the means to generate the 
further interface means comprises means to determine (finding the server object 
reference and creating its lnterORB_Proxy) on the basis of the received identifier 
whether a template (the lnterORB_Proxy is implemented as a template) for an 
appropriate further interface means is already known to the system. 

20. As to claims 22 and 24, Steinder teaches (Determining Foreign Object Reference 
at connection establishment stage, p. 10 - 1 1 ) the means to generate the further 
interface means comprises means, which is operable in the event an appropriate 
template is not known to the system, to obtain an appropriate template from a remote 
repository (a search for foreign object references and creation of lnterORB_Proxies for 
them is managed by a special trading protocol). 

21 . As to claim 23, Steinder teaches (Section 5.1, p. 7) the means to generate the 
further interface means comprises means, which is operable in the event no appropriate 
template is known to the system and/or an appropriate template is not recoverable from 
a remote repository, to obtain a generic template (lnterORB_Proxy uses standard 
CORBA interfaces... new CORBA module will inherit from the old one). 
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22. As to claim 29, Steinder teaches (Section 5.4, p. 9) wherein the received 
identifier is an Interoperable Object Reference (Interoperable Object Reference) having 
the form IOR [host: port: key] (opaque reference is encapsulated in the object_key 
field... host and port of are assigned host name and port number). 

23. As to claim 30, Steinder teaches (Section 5.4, p. 9) the new identifier 
(ProfileBody structure) is an Interoperable Object Reference (Interoperable Object 
Reference) having the form IOR[host x: port x: key x] (object_key field.. . host and port), 
wherein key x includes information to enable subsequent recovery by the system of the 
received identifier (opaque reference is encapsulated in the object_key field). 

24. As to 31 , Steinder teaches (Section 5.4, p. 9) wherein key x includes a 
representation of the received object reference IOR[host i: port i: key i] (opaque 
reference is encapsulated in the object_key field). 

25. As to claims 34 and 35, Steinder teaches the further interface means 
(lnterORB_Proxy) corresponds to the further object (foreign object) and the further 
interfaces means is generated only when or after the message including the identifier 
for the further object is received (when a foreign object reference appears inside a half- 
bridge this new object adapter has to enable creation of dynamic object — an 
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lnterORB_Proxy to encapsulate it if such an encapsulating lnterORB_Proxy does not 
yet exist, giving it an appropriate reference; p. 8, Section 5.2). 

26. Claims 15-20, and 32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Steinder and Gokhale in view of "ORB 2.0 RFP Submission" 
(hereinafter IONA, cited in previous office action). 

27. As to claims 15, 17 and 18, Steinder as modified does not teach determining if an 
object is valid and available to receive messages. 

However, IONA teaches (p. 29) checking validity of an identifier (most ORBs 
provide the ability to determine if an object reference is still valid) determine whether the 
object in the second network is valid and is still available to receive messages 
(gatewayed objects that have not been used in a long time could be checked to see if 
they no longer exist). 

28. It would have been obvious to a person of ordinarily skilled in the art at the time 
of the invention to apply the teaching of checking validity of an identifier as taught by 
IONA to the invention of Steinder as modified because gatewayed objects that have not 
been used in a long time could be checked to see if they no longer exist and, if they 
have been deleted, the proxy may also be deleted (p. 29 of IONA). 

29. As to claim 1 6, Steinder as modified teaches (Section 4.5.1 , p. 25 of IONA) a 
naming service (name services) and the presence or absence of a name tag being 
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indicative of whether the object associated with the name tag is available or not 
(gatewayed objects that have not been used in a long time could be checked to see if 
they no longer exist and if they have been deleted, the proxy may also be deleted). 

30. As to claim 32, Steinder teaches (Section 5.1 , p. 7 - 8; Section 5.4, p. 9) key x 
includes: an identifier to indicate from which network the object reference originated 
(opaque reference is encapsulated in the object_key field) and a name tag (char * 
PeerRef) associated with an identity of the gateway process. As to check data for 
verifying the validity of the object reference, see the rejection to claim 1 above. 

31 . As to claim 1 9, see the rejection to claim 7 above. 

32. As to claim 20, Steinder as modified teaches the secret is stored by and only 
accessible by the gateway (hash function uses an automatically generated lookup 
table... to return a unique hash value for each object key; pp. 4-5, Perfect Hashing of 
Gokhale). 

33. Claims 25 - 28 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Steinder and Gokhale in view of U.S. Patent No. 5,991,877 to Luckenbaugh 
(cited in previous office action). 



34. As to claim 25, Steinder as modified does not teach a trusted operating system. 
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However, Luckenbaugh teaches (column 4, line 57 - column 5, line 5; column 
10, lines 10 - 40) teaches a trusted operating system (access control system includes a 
trusted framework). 

35. It would have been obvious to a person of ordinarily skilled in the art to apply the 
teaching of a trusted operating system as taught by Luckenbaugh to the invention of 
Steinder as modified because this provides fine-grained security access authorizations 
(column 2, lines 39 - 55 of Luckenbaugh). 

36. As to claim 26, Steinder as modified teaches (column 8, lines 20 - 50; column 9 f 
lines 23 - 31 ; column 10, lines 30-40 of Luckenbaugh) the trusted operating system 
enforces Mandatory Access Control (MAC and role-based policies). 

37. As to claim 27, Steinder as modified teaches (column 6, line 42 - column 7, line 
30; column 8, lines 1 - 48 Luckenbaugh) comprising at least two logical compartments 
(client 301 and server 302, Fig. 3) and a trusted relay process (AuthClient class 140, 
Fig. 3) that has privileges necessary to pass messages between the two compartments, 
wherein the first network and the respective interface means are associated with a first 
compartment and the second network is associated with a second compartment (policy 
manager of 31 0a of the client 301 must issue the appropriate call through an AuthClient 
object 140 to invoke an appropriate return by the interaction of an authenticator object 
130 and the policy manager 310b of the server 302, Fig. 3). 
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38. As to claim 28, Steinder as modified teaches (column 8, lines 20 - 50 of 
Luckenbaugh) wherein a secret (name and password), usable by the system in a hash 
operation for validating object references (authentication protocol between the client 
and server), is associated with a third compartment (Authenticator 130, Fig. 3), and 
wherein only the trusted relay process has the privileges necessary to retrieve the 
secret from the further compartment in order to enact a hash operation (instances of the 
AuthClient class 140 contains objects which preferably provide an interface... to collect 
information concerning the client which are needed for particular authorization 
policies... any number of additional interfaces to accommodate other existing or custom 
authorization protocols can be provided). 

Conclusion 

39. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See USPTO form 892. 

40. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Li B. Zhen whose telephone number is (571 ) 272-3768. 
The examiner can normally be reached on Mon - Fri, 8:30am - 5pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (571 ) 272-3756. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Li B. Zhen 
Examiner 
Art Unit 2126 
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